issue with login and authentification for multi-tenant schema

Using Django
#1

I am struggling with my login system. At this point, I have watched so many different things about the topic that I got a bit lost. I have tried using the built-in authentication system but I failed to make it work with django-tenant because if I properly understand it requires to work with the built in User model.

Then I guess my underlying issue is that I dont know how to integrate Django User model with what I have. On the other hand, I dont know how to write something that would replace the built in authenticate system in Django.

Ideally I would like to integrate what I have with Django built in User for a safe and secure authentication system.

Here is what I have been to come up with on my own so far. it “runs” but clearly does not do anything!
model.py

class Client(TenantMixin):

    id = models.AutoField(primary_key=True)
    name = models.CharField(max_length=100, default='')
    email = models.EmailField(default='')
    company = models.CharField(max_length=100, default='')
    password = models.CharField(max_length=100, default='')
    created_on = models.DateField(auto_now_add=True)

class Domain(DomainMixin):
    pass

forms.py

class UserLoginForm(forms.Form):
    email = forms.CharField()
    password = forms.CharField(widget = forms.PasswordInput)
    company = forms.CharField()

    def cleaned_data(self):
        email = self.cleaned_data.get('email')
        password = self.cleaned_data.get('password')
        company = self.cleaned_data.get('company')

        try:
            tenant = Client.objects.get(email=email, password=password, company=company)

        except Client.DoesNotExist:
            raise forms.ValidationError("User does not exist")

        if email and password:
            user = authenticate(username= email, password= password)
            if not user:
                raise forms.ValidationError('THIS USER DOES NOT EXIST')

            if not user.check_password(password):
                raise forms.ValidationError('incorrect password')

            if not user.is_active:
                raise forms.ValidationError('this user is not active')

        return super(UserLoginForm, self).clean()

views.py

def login_view(request):
    form = UserLoginForm(request.POST or None)
    if form.is_valid():
        company = form.cleaned_data.get('company')
        email = form.cleaned_data.get('email')
        password = form.cleaned_data.get('password')

        ##tenant = authenticate(request, username=email, password=password)

        with schema_context(tenant.schema_name):

            redirect = 'http://' + tenant.company + '.inventory4.com:8000/upload'
        return HttpResponseRedirect(redirect)

    context = {
        'form' : form,
    }
    return render(request, 'login.html', context)

Thank you very much for any kind of advice or help you may have. Believe me they would go a long way. Thanks!

#2

I’ve never used django-tenant, so this comment is just based on a brief perusal of the documentation, but I think you might be confusing a “tenant” with a user.

I believe that a tenant is the organization that “owns” their portion of your web site.

For example, if you have company ABC and XYZ both using your application, they are the tenants.

So the tenant isn’t someone who logs on - it’s a mapping between the hostname in a url and the database schema used to support them.

It’s function is to say that if someone logs in to abc.example.com, it’s going to use the abc schema in your database. If someone logs in to xyz.example.com, they will use the xyz schema.

So your user accounts are going to be what they would normally be - they’re transparent to the tenant structure, other than they are only going to exist in the User table of the proper schema.

(Now, I could be 100% wrong here - I’ve never used this feature, and I’m primarily interpreting what I’m reading through the lens of having done this with other frameworks - but I don’t think I’m too far wrong.)

Ken